Description

METHOD FOR REQUESTING, GENERATING AND DISTRIBUTING SERVICE-SPECIFIC TRAFFIC ENCRYPTION KEY IN WIRELESS PORTABLE INTERNET SYSTEM, APPARATUS FOR THE SAME, AND PROTOCOL CONFIGURATION METHOD FOR THE SAME

Technical Field 

[1] The present invention relates to security in a wireless portable Internet system, and more particularly relates to an apparatus for generating and distributing a service-specific traffic encryption key in the IEEE 802.16 wireless Metropolitan Area Network (MAN) system, a method for the same, and a protocol configuration method for the same.

Background Art 

[2] As the next-generation communication technology, wireless portable Internet access further provides mobility to a local data communication system such as a conventional wireless Local Area Network (LAN) using a stationary access point (AP).

[3] There are various standard protocols that have been developed for supporting the wireless portable Internet access, and the IEEE 802.16 working group tries to establish an international standard of the wireless portable Internet protocol.

[4] The authentication and authorization standard defined by the IEEE 802.16 establishes authentication functions for stations in the wide area network configured with wireless networks. In particular, since the subscriber station (SS) authentication function standardized by a privacy layer of the IEEE 802.16 is defined only for SSs within a fixed network, it is inappropriate for the authentication function to apply to SSs or subscribers capable of supporting mobility, which is a current trend of mobile services. That is, since the authentication function does not specify detailed functions in a base station (BS), which describes messages and procedures for authenticating the subscriber stations on the basis of the fixed networks, additional functions of the base station are required for the mobile services. The requirement of additional functions requires the base station to have profiles of all subscribers who currently receive services, and the same requires a function of API for the CA interface or a function of accepting authentication clients for interface with an authentication server when the base station does not have the profiles.
[5] Also, since the conventional authentication for the subscriber stations on the fixed network is based on digital certificates, the conventional authentication process is restricted to servers which perform certificate-based authentication when a user accesses an authentication server to be authenticated, and the conventional authentication process needs other improved functions for security of the base station since the conventional standard defines that the base station distributes a security key between the subscriber station and the base station.

[6] FIG. 1 is a schematic diagram showing the outline of a wireless portable Internet system.

[7] As shown therein, the wireless portable Internet system basically includes a subscriber station 10, base stations 20 and 21 performing wireless communication with the subscriber station 10, and routers 30 and 31 connected to the base stations 20 and 21.

[8] The wireless LAN method such as the conventional IEEE 802.11 provides a data communication method which allows short-range radio communication with reference to fixed access points, which provides no mobility of the subscriber station (hereinafter, referred to as "SS") but which supports wireless short-range data communication other than wired short-range data communication.

[9] Meanwhile, a new wireless portable Internet system currently progressed by the IEEE 802.16 working group is designed to provide the mobility to the SS so as to provide a seamless data communication service when the SS 10 moves from one cell covered by a base station 20 to another cell covered by an associated base station 21 (refer to FIG. 10).

[10] The IEEE 802.16 is a standard protocol supporting a metropolitan area network (MAN) covering data communication within a metropolitan-sized area between the local area network (LAN) and the wide area network (WAN).

[11] Hence, the wireless portable Internet system supports a handover of the SS 10 and allocates a dynamic IP address corresponding to the movement of the SS in a like manner of mobile communication service.

[12] In the wireless portable Internet system, the SS 10 communicates with the base stations 20 and 21 by employing the OFDMA (Orthogonal Frequency Division Multiple Access) method. The OFDMA is a multiplexing method that combines the time division multiplexing (TDM) method and the frequency division multiplexing (FDM) method using a plurality of orthogonal frequency subcarriers as a plurality of sub-channels. The OFDMA resists multi-path fading, and sends data at a high rate.
[13] FIG. 2 shows a diagram for a layered protocol structure of the wireless portable Internet system shown in FIG. 1.

[14] As shown in FIG. 2, the layered protocol structure of the IEEE 802.16 wireless portable Internet system includes a physical layer L10, and Media Access Control (MAC) layers L21, L22, and L23.
[15] The physical layer L10 performs a wireless communication function including modulation/demodulation, coding, etc., that has typically been provided by a physical layer.

[16] Further, the wireless portable Internet system performs various functions using a single MAC layer, compared to a wired Internet system that performs its functions using function-specific multiple sublayers.

[17] The MAC layer has function-specific multiple sublayers: a privacy sublayer L21, a MAC common part sublayer L22, and a service-specific convergence sublayer L23.

[18] The privacy sublayer L21 provides both authentication and encryption functions, and allows overlapping keys so that keys can be updated without interrupting the flow of data.

[19] The privacy sublayer L21 provides authentication for secure network access and connection establishment to avoid theft of services, and also provides key exchange and encryption for data privacy. However, it authenticates a system only, and user authentication is provided by an upper layer (not shown) of the MAC layer.

[20] The MAC common part sublayer L22 carries the key functions. It provides system access, bandwidth allocation, connection establishment, and connection maintenance. The MAC common part sublayer L22 also manages quality of service (QoS).

[21] The service-specific convergence sublayer L23 provides payload header suppression and QoS mapping for a constant flow of data.

[22] FIG. 3 shows a block diagram for a traffic structure between the base station 20 (hereinafter, referred to as "BS") and the subscriber station 10 in the wireless portable Internet system shown in FIG. 1.

[23] As shown in FIG. 3, the MAC layer of the subscriber station 10 is connected to the MAC layer of the base station 20 through a traffic connection C1.

[24] Herein, the "traffic connection C1" is a logical connection rather than a physical connection, and represents a mapping relationship between equivalent peers in the MAC of the SS and the BS for traffic transmission through each service flow.

[25] Accordingly, parameters or messages defined in the traffic connection C1 state define functions between the MAC peer layers. In practice, the parameters or the messages are processed into frames and transmitted through the physical layer, and the frames are analyzed so that the functions corresponding to the parameters or the messages are performed in the MAC layer.

[26] These messages further include various messages to perform request (REQ), response (RSP) and acknowledgement (ACK) functions.
[27] Meanwhile, to provide the subscribers with a security-proof network and fair service, the IEEE 802.16 wireless portable Internet system provides encryption of traffic data, which has recently been regarded as a critical requirement for security and safety of networks.

[28] The conventional IEEE 802.16 wireless portable Internet system defines a method of generating and distributing a traffic encryption key to be used for security on a traffic connection so as to encrypt traffic data prior to establishing the traffic connection. According to this method, the SS and the BS use a PKM-REQ (Privacy Key Management - Request) message and a PKM-RSP (Privacy Key Management - Response) message so as to generate and distribute a traffic encryption key. Herein, the PKM-REQ message and the PKM-RSP message are related to authentication. In other words, the SS sends a Key Request message, which is an internal message of the PKM-REQ messages, to the BS to request a traffic encryption key from the BS, and the BS sends a responding message to the SS. In detail, the BS sends a Key Reply message to the SS when the refreshment of the traffic encryption key is successful, or a Key Reject message to the SS when the refreshment of the traffic encryption key has failed. The traffic encryption key is newly generated and distributed through the foregoing method, and the SS and the BS encrypt traffic data for transmission using the traffic encryption key.

[29] However, such a conventional method for generating and distributing a traffic encryption key defined by the IEEE 802.16 wireless portable Internet system is limited to the unicast service between the SS and the BS.

[30] However, the multicast service and the broadcast service also must be taken into consideration in the IEEE 802.16 wireless portable Internet system so as to provide extendable and secure services to a large number of subscribers.

[31] Further, in the case of providing a multicast service or a broadcast service in the IEEE 802.16 wireless portable Internet system, special regard must be paid to some matters related to traffic data encryption. In other words, the service must be provided with proper restrictions for unauthorized users for the multicast service or the subscribers of other service providers for the broadcast service. However, the current standard does not clearly define such a restriction.

Disclosure of Invention
Technical Problem 

[32] It is an advantage of the present invention to provide an apparatus for generating and distributing a key for encryption of traffic by various services in a wireless portable Internet system, a method for the same, and a protocol configuration method for the same.

[33] It is another advantage of the present invention to provide an apparatus for generating and distributing a service-specific traffic encryption key in a wireless portable Internet system that accepts a failure occurring in the service-specific traffic encryption key generation step, a method for the same, and a protocol configuration method for the same.

Technical Solution 

[34] In one aspect of the present invention, there is provided a method for requesting a service-specific traffic encryption key in a wireless portable Internet system, which method is for a subscriber station requesting a service-specific traffic encryption key from a base station wirelessly connected to the subscriber station in the wireless portable Internet system. The method includes: (a) determining a service type for the requested traffic encryption key to be used for security on a traffic connection to the base station before establishing the traffic connection; (b) generating a Key Request message for requesting a traffic encryption key according to the determined service type; and (c) sending the generated Key Request message to the base station using a Media Access Control (MAC) message.

[35] Another aspect of the present invention provides a method for generating and distributing a service-specific traffic encryption key in a wireless portable Internet system, the method being for a base station generating and distributing a traffic encryption key for each service to a subscriber station wirelessly connected to the base station in the wireless portable Internet system. The method includes: (a) receiving a Key Request message used for requesting the service-specific traffic encryption key from the subscriber station; (b) analyzing the Key Request message to determine a service type; (c) generating a traffic encryption key according to the determined service type; and (d) generating a Key Reply message including the generated traffic encryption key and sending the generated Key Reply message to the subscriber station using a MAC message.
[36] In a further aspect of the present invention, there is provided a protocol configuration method for generating and distributing a service-specific traffic encryption key in a wireless portable Internet system, which method is for generating and distributing a traffic encryption key used for security on a traffic connection between a base station and a subscriber station for each service in the wireless portable Internet system. The protocol configuration method includes: (a) the subscriber station sending a Key Request message for requesting a traffic encryption key for each service to the base station using a MAC message; and (b) the base station analyzing the Key Request message received from the subscriber station, generating the requested service-specific traffic encryption key, and sending a Key Reply message including the generated service-specific traffic encryption key to the subscriber station using a MAC message.

[37] In still another aspect of the present invention, there is provided an apparatus for requesting a service-specific traffic encryption key in a wireless portable Internet system, which apparatus is wirelessly connected to a base station in the wireless portable Internet system to request a service-specific traffic encryption key from the base station. The apparatus includes: a Key Request message generator for generating a Key Request message for requesting the service-specific traffic encryption key from the base station; a Key Request message sender for sending the Key Request message of the Key Request message generator to the base station using a MAC message; a key reply/reject message receiver for receiving a Key Reply message or a Key Reject message from the base station using a MAC message; a message analyzer for analyzing the Key Reply message or the Key Reject message from the key reply/reject message receiver to extract the traffic encryption key from the Key Reply message, or analyze an error type from the Key Reject message; and a key request controller for controlling operations of the Key Request message generator, the Key Request message sender, the key reply/reject message receiver, and the message analyzer, requesting the base station to refresh the service-specific traffic encryption key and processing the new traffic encryption key when it receives a Key Request message or an error code when it receives a Key Reject message.

[38] In still another aspect of the present invention, there is provided an apparatus for generating and distributing a service-specific traffic encryption key in a wireless portable Internet system, which apparatus is for a base station generating and distributing a service-specific traffic encryption key to a subscriber station in the wireless portable Internet system. The apparatus includes: a Key Request message receiver for receiving a Key Request message from the subscriber station using a MAC message; a message analyzer for analyzing the Key Request message from the Key Request message receiver to extract information including a service type included in the Key Request message; a subscriber discriminator for determining whether or not a traffic encryption key can be generated for a requested service included in the Key Request message; a traffic encryption key generator for generating a service-specific traffic encryption key for the service type analyzed by the message analyzer; a Key Reply message sender for generating a Key Reply message including the traffic encryption key generated by the traffic encryption key generator according to the requested service type of the subscriber station, and sending the generated Key Reply message to the subscriber station using a MAC message; and a key generation and distribution controller for controlling operations of the Key Request message receiver, the message analyzer, the subscriber discriminator, the traffic encryption key generator, and the Key Reply message sender to generate and distribute a corresponding service-specific traffic encryption key upon a request for service-specific traffic encryption key refreshment from the subscriber station.
Brief Description of the Drawings 

[39] The accompanying drawings, which are incorporated in and constitute a part of the specification, illustrate an embodiment of the invention, and, together with the description, serve to explain the principles of the invention:

[40] FIG. 1 shows a brief diagram of a wireless portable Internet according to an exemplary embodiment of the present invention;

[41] FIG. 2 shows a diagram for a layered protocol structure of the wireless portable Internet system shown in FIG. 1;

[42] FIG. 3 shows a block diagram for a coupled structure between base stations and a subscriber station in the wireless portable Internet system shown in FIG. 1;

[43] FIG. 4 shows a flowchart for establishing a traffic connection in the wireless portable Internet system according to an exemplary embodiment of the present invention;

[44] FIG. 5 is a detailed flow chart of the process for generating and distributing a service-specific traffic encryption key as shown in FIG. 4;

[45] FIG. 6 shows a table of newly added parameters included in a Key Request message in a process for generating and distributing a service-specific traffic encryption key as shown in FIG. 5;

[46] FIG. 7 shows the attributes of the service type parameter shown in FIG. 6;

[47] FIG. 8 shows the attributes of the multicast service group ID field shown in FIG. 6;
[48] FIG. 9 shows a table of newly added error codes included in a Key Reject message in the process for generating and distributing a service-specific traffic encryption key as shown in FIG. 5; and

[49] FIG. 10 is a block diagram of an apparatus for generating and distributing a service-specific traffic encryption key according to an embodiment of the present invention.
Best Mode for Carrying Out the Invention 

[50] In the following detailed description, only the preferred embodiment of the invention has been shown and described, simply by way of illustration of the best mode contemplated by the inventor(s) of carrying out the invention. As will be realized, the invention is capable of modification in various obvious respects, all without departing from the invention. Accordingly, the drawings and description are to be regarded as illustrative in nature, and not restrictive. To clarify the present invention, parts which are not described in the specification are omitted, and parts for which the same descriptions are provided have the same reference numerals.

[51] Hereinafter, an apparatus for generating and distributing a service-specific traffic encryption key in a wireless portable Internet system according to an embodiment of the present invention will be described in detail with reference to the accompanying drawings.

[52] Throughout the specification of the present invention, the term "portable wireless system" refers to "portable wireless MAN system."

[53] FIG. 4 is a flow chart illustrating establishment of a traffic connection in a wireless Internet system according to an embodiment of the present invention.

[54] Referring to FIG. 4, when an SS accesses a BS, in step S10, the BS establishes downlink synchronization with the SS, in step S20.

[55] When the subscriber station 10 is synchronized to the downlink from the base station 20, the subscriber station 10 acquires an uplink parameter in step S30. For example, the parameter includes a channel descriptor message which follows a characteristic of the physical layer (e.g., the signal to noise ratio (SNR)).

[56] The SS and the BS perform an initial ranging procedure, in step S40. During the initial ranging procedure, the BS commands a timing adjustment and a power adjustment to the SS. Once the initial ranging procedure is completed, a periodic ranging procedure is performed periodically.

[57] Consequent to the completion of the ranging step S40, the SS and the BS negotiate the basic functions of the SS for connection establishment, in step S50. Once the negotiation is completed, the BS authenticates the SS using a certificate of the SS, in step S60.

[58] Upon successful authorization for the SS itself, the BS registers the equipment address with the network, in step S70. Then the SS attains an IP address via a Dynamic Host Transfer Protocol (DHCP) or MTP server to establish an IP connection, in step S80.

[59] To provide a traffic service to the SS receiving the IP address, the BS performs a process of generating and distributing service-specific traffic encryption keys, in step S90, and establishes a traffic connection for the respective services, in step S100.

[60] FIG. 5 is a detailed flow chart of a process for generating and distributing service-specific traffic encryption keys as shown in FIG. 4.

[61] Referring to FIG. 5, the SS can use the traffic service after the completion of the process of IP connection establishment between the SS and the BS (the steps S10 to S80). The SS generates and distributes service-specific traffic encryption keys to encrypt the received traffic data, in step S90.

[62] First, the SS sends a Key Request message of the PKM-REQ message to the BS so as to receive a traffic encryption key for a specific service, in step S91. The Key Request message includes a parameter for receiving the service-specific traffic encryption keys. Herein, the parameter will be described later.

[63] In response to the Key Request message from the SS, the BS encrypts a key to be allocated to the SS using a traffic encryption key generation mechanism based on all the field values of the received message and sends the result to the SS, in step S93.

[64] In detail, when a traffic encryption key to be allocated to the SS is successfully generated, the BS sends a Key Reply message of the PKM-RSP message to the SS. However, when the BS fails to generate a traffic encryption key to be allocated to the SS, the BS sends a Key Reject message to the SS. The Key Reject message includes an error code related to the failure of key generation, and the error code will be described later.

[65] In this manner, the BS sends the Key Reply message or the Key Reject message to the SS to complete the process of generating and distributing a traffic encryption key for the SS (the step S90).

[66] The Key Reply message sent from the BS to the SS includes the traffic encryption key for the type of service that the SS desired. Upon receiving the Key Reply message, the SS encodes or decodes traffic data corresponding to the type of service by using the traffic encryption key received from the BS.

[67] FIG. 6 shows a table of additionally required parameters included in the Key Request message so as to generate and distribute the service-specific traffic encryption key in FIG. 5.

[68] Referring to FIG. 6, the parameters in the Key Request message sent by the SS to request refreshment of a traffic encryption key from the BS include a service type field and a multicast service group ID field.

[69] The service type field indicates the type of the SS-desired service. The BS refers to the type of service, and generates a corresponding traffic encryption key. The multicast service group ID field acts as an identifier of a multicast service group, and is available only when the type of the SS-desired service for refreshing the traffic encryption key is a multicast service. The multicast service group ID field is also used for the purpose of restraining the SS from using services provided by other multicast service groups in the case that the SS is not authorized.

[70] FIG. 7 shows attributes of the service type parameter shown in FIG. 6.

[71] Referring to FIG. 7, the service type parameter indicates the type of service corresponding to the traffic encryption. For example, the service type parameter has a type of "28", a length of 1 byte, and a value indicating the type of service. For example, the type of service for the requested traffic encryption is a unicast service when the service type parameter value is "0"; a multicast service when the service type parameter value is "1"; and a broadcast service when the service type parameter value is "2". Hence, the BS generates a service-specific traffic encryption key with reference to the value of the service type parameter included in the Key Request message from the SS, and distributes the generated key to the SS.
[72] FIG. 8 shows the attributes of the multicast service group ID field shown in FIG. 6.

[73] Referring to FIG. 8, the multicast service group ID is an identifier of the multicast service group provided by the IEEE 802.16 wireless portable Internet system. For example, the multicast service group ID parameter has a type of "29", a length of 1 byte, and a value serving as an identifier of the multicast service group.

[74] The BS determines whether to generate a multicast service-specific traffic encryption key for the SS by referring to the value of the multicast service group ID parameter included in the Key Request message sent from the SS. In other words, the BS determines whether the SS can be authorized for the specific multicast service or not.

[75] FIG. 9 shows a table of error codes included in a Key Reject message to generate and distribute a service-specific traffic encryption key as shown in FIG. 5.

[76] Referring to FIG. 9, when the BS fails to generate a service-specific traffic encryption key to be allocated to the SS, the BS sends a Key Reject message including an error code to the SS. The contents of the error code include the following parameters: "unsupported service type" and "unauthorized multicast service group ID."

[77] The "unsupported service type" is one of the error code parameters included in the Key Reject message, representing that the type of service identified by the service type field included in the Key Request message from the SS is invalid so that it cannot be supported by the BS. For example, when the error code has a value of in the Key Reject message from the SS, it indicates that the key generation has failed because of an "unsupported service type."

[78] Meanwhile, the "unauthorized multicast service group ID" field is an error code generated in the case that the service type parameter included in the Key Request message indicates a multicast service type and the identifier in the multicast service group ID parameter is invalid for allocating the traffic encryption key from the BS. For example, the error code field having a value of "8" in the Key Reject message from the SS indicates a failure by "unauthorized multicast service group ID."
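The request/reply exchange of FIG. 5 with the parameters of FIG. 6 to FIG. 8 and the error codes of FIG. 9, as an added example that is not part of the patent: a Python model of the SS building a Key Request and the BS analyzing it, discriminating the subscriber, and answering with a Key Reply carrying a traffic encryption key or a Key Reject carrying an error code. The TLV wire layout, the per-SS authorization table, the random 128-bit key, the sharing of one key per multicast group, and the numeric value of the "unsupported service type" code (a placeholder, since the page does not give it) are assumptions.

```python
import os
import struct

# From FIG. 7 and FIG. 8: TLV types 28 and 29, each with a 1-byte value.
TLV_SERVICE_TYPE = 28
TLV_MCAST_GROUP_ID = 29
SERVICE_UNICAST, SERVICE_MULTICAST, SERVICE_BROADCAST = 0, 1, 2
KNOWN_SERVICE_TYPES = {SERVICE_UNICAST, SERVICE_MULTICAST, SERVICE_BROADCAST}

# FIG. 9 error codes. The page gives "8" for the unauthorized multicast group;
# the value for "unsupported service type" is not on the page, so this constant
# is a PLACEHOLDER (assumption), not the standard's value.
ERR_UNSUPPORTED_SERVICE_TYPE = 0xFF
ERR_UNAUTHORIZED_MCAST_GROUP_ID = 8


def encode_tlvs(tlvs):
    """Assumed wire layout: type (1 byte) | length (1 byte) | value."""
    out = bytearray()
    for tlv_type, value in tlvs:
        out += struct.pack("BB", tlv_type, len(value)) + value
    return bytes(out)


def decode_tlvs(data):
    """Parse a TLV list; a truncated message is rejected, never guessed at."""
    tlvs = {}
    pos = 0
    while pos < len(data):
        if pos + 2 > len(data):
            raise ValueError("truncated TLV header")
        tlv_type, length = data[pos], data[pos + 1]
        value = data[pos + 2:pos + 2 + length]
        if len(value) != length:
            raise ValueError("truncated TLV value")
        tlvs[tlv_type] = value
        pos += 2 + length
    return tlvs


def build_key_request(service_type, mcast_group_id=None):
    """SS side (step S91): Key Request with the service type and, for a
    multicast request, the multicast service group ID (FIG. 6)."""
    tlvs = [(TLV_SERVICE_TYPE, bytes([service_type]))]
    if service_type == SERVICE_MULTICAST:
        if mcast_group_id is None:
            raise ValueError("a multicast Key Request needs a group ID")
        tlvs.append((TLV_MCAST_GROUP_ID, bytes([mcast_group_id])))
    return encode_tlvs(tlvs)


class BaseStation:
    """BS side (step S93): message analyzer, subscriber discriminator and TEK
    generator in one handler. authorized_groups maps an SS id to the set of
    multicast group IDs it may join (constructed sample data)."""

    def __init__(self, authorized_groups):
        self.authorized_groups = authorized_groups
        self.tek_store = {}

    def handle_key_request(self, ss_id, request):
        """Return ("KeyReply", tek) or ("KeyReject", error_code)."""
        try:
            tlvs = decode_tlvs(request)
        except ValueError:
            # Malformed request: treated as an unsupported service (assumption).
            return ("KeyReject", ERR_UNSUPPORTED_SERVICE_TYPE)
        svc = tlvs.get(TLV_SERVICE_TYPE)
        if svc is None or len(svc) != 1 or svc[0] not in KNOWN_SERVICE_TYPES:
            return ("KeyReject", ERR_UNSUPPORTED_SERVICE_TYPE)
        service_type = svc[0]
        group_id = None
        if service_type == SERVICE_MULTICAST:
            # Subscriber discriminator: a missing or unauthorized group ID is
            # refused, so an SS cannot obtain another group's key (FIG. 8).
            gid = tlvs.get(TLV_MCAST_GROUP_ID)
            allowed = self.authorized_groups.get(ss_id, set())
            if gid is None or len(gid) != 1 or gid[0] not in allowed:
                return ("KeyReject", ERR_UNAUTHORIZED_MCAST_GROUP_ID)
            group_id = gid[0]
        return ("KeyReply", self._tek_for(ss_id, service_type, group_id))

    def _tek_for(self, ss_id, service_type, group_id):
        # Assumption: a unicast TEK is private to one SS, while multicast and
        # broadcast TEKs are shared by every authorized SS of that service or
        # group, so each multicast group ends up with its own distinct key.
        owner = ss_id if service_type == SERVICE_UNICAST else None
        slot = (service_type, group_id, owner)
        if slot not in self.tek_store:
            self.tek_store[slot] = os.urandom(16)  # 128-bit TEK (sample size)
        return self.tek_store[slot]


def run_exchange(bs, ss_id, service_type, mcast_group_id=None):
    """One S91/S93 round trip: SS builds the Key Request, BS answers it."""
    return bs.handle_key_request(ss_id, build_key_request(service_type, mcast_group_id))


if __name__ == "__main__":
    bs = BaseStation({"ss-a": {5}, "ss-b": {5, 9}})
    print(run_exchange(bs, "ss-a", SERVICE_UNICAST)[0])      # KeyReply
    print(run_exchange(bs, "ss-a", SERVICE_MULTICAST, 9))    # ('KeyReject', 8)
```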

[79] Hereinafter, a description will be given as to an apparatus for generating and distributing a service-specific traffic encryption key in a wireless portable Internet system according to an exemplary embodiment of the present invention.

[80] FIG. 10 is a block diagram of an apparatus for generating and distributing a service-specific traffic encryption key according to an exemplary embodiment of the present invention.

[81] The apparatus for generating and distributing a service-specific traffic encryption key according to an embodiment of the present invention comprises an SS 100 and a BS 200, as shown in FIG. 10.

[82] The SS 100 includes a Key Request message generator 110, a Key Request message sender 120, a Key Reply/Reject message receiver 130, a message analyzer 140, a memory 150, and a key request controller 160.

[83] The Key Request message generator 110 generates a Key Request message for requesting the BS 200 to allocate a service-specific traffic encryption key. The Key Request message is one of the PKM-REQ MAC messages in the IEEE 802.16. The Key Request message includes a service type parameter and a multicast service group ID parameter, as shown in FIG. 6.

[84] The Key Request message sender 120 sends the Key Request message generated by the Key Request message generator 110 to the BS 200.

[85] The Key Reply/Reject message receiver 130 receives a Key Reply message or a Key Reject message from the BS 200 via an antenna 170 using a PKM-RSP message of the MAC messages.

[86] The message analyzer 140 analyzes the Key Reply message or the Key Reject message of the Key Reply/Reject message receiver 130 to extract a traffic encryption key from the Key Reply message or determine an error type from the Key Reject message.

[87] The memory 150 stores the analyzing result of the message analyzer 140. For example, the analyzing result includes a traffic encryption key extracted from the Key Reply message and used for encryption during the next traffic data transmission, or an error code occurring due to a failure of generating the traffic encryption key.

[88] The key request controller 160 controls the operations of the Key Request message generator 110, the Key Request message sender 120, the Key Reply/Reject message receiver 130, the message analyzer 140, and the memory 150 so as to request a service-specific traffic encryption key allocation from the BS 200 or process an error code upon occurrence of an error.

[89] On the other hand, the BS 200 includes a Key Request message receiver 210, a message analyzer 220, a subscriber discriminator 230, a memory 240, a traffic encryption key generator 250, a Key Reply/Reject message sender 260, and a key generation and distribution controller 270.

[90] The Key Request message receiver 210 receives a Key Request message of the PKM-REQ MAC messages from the SS 100 through an antenna 280.

[91] The message analyzer 220 analyzes the Key Request message received from the Key Request message receiver 210 and determines whether the parameters included in the Key Request message indicate the service type or the multicast service group ID.

[92] When the requested service according to the Key Request message is a multicast service, the subscriber discriminator 230 determines whether the identifier recorded in the multicast service group ID included in the Key Request message is valid for allocating a traffic encryption key. In other words, the subscriber discriminator 230 determines whether the SS is authorized for the multicast service group ID. In the case that the identifier of the multicast service group ID is invalid for allocating the traffic encryption key, the subscriber discriminator 230 displays a Key Reject message indicating "unauthorized multicast service group ID."

[93] The memory 240 stores the analyzing result of the message analyzer 220 and the discrimination result of the subscriber discriminator 230.

[94] The traffic encryption key generator 250 generates a service-specific traffic encryption key only when a request for a traffic encryption key by the SS is accepted.

[95] When the traffic encryption key is successfully generated by the traffic encryption key generator 250, the Key Reply/Reject message sender 260 generates a Key Reply message including the generated traffic encryption key and sends the generated Key Reply message to the SS 100 through the antenna 280 using a PKM-RSP message of the MAC messages. When the traffic encryption key generator 250 fails to generate the traffic encryption key, the Key Reply/Reject message sender 260 generates a Key Reject message including an error code corresponding to the failure and sends the generated Key Reject message to the SS 100 using the PKM-RSP MAC message.

[96] The key generation and distribution controller 270 controls the operations of the Key Request message receiver 210, the message analyzer 220, the subscriber discriminator 230, the memory 240, the traffic encryption key generator 250, and the Key Reply/Reject message sender 260 so as to generate and distribute the respective service-specific traffic encryption keys corresponding to the request for allocation of the service-specific traffic encryption key by the SS 100, or to send an error code to the SS 100 upon an error occurring in generation of the traffic encryption key.

[97] In the foregoing detailed description, only certain exemplary embodiments of the present invention are shown and described, simply by way of illustration. As those skilled in the art would realize, the described embodiments may be modified in various different ways, all without departing from the spirit or scope of the present invention. Accordingly, the drawings and description are to be regarded as illustrative in nature, and not restrictive.

[98] The effects of the present invention are as follows: 

[99] A function of allocating various service-specific traffic encryption keys provided in the system is supportable, so that various services such as a multicast service or a broadcast service can be safely provided, thereby attracting a larger number of subscribers and contributing to the activation of services.

[100] In addition, the generation and management of traffic encryption keys by each service can guarantee stronger security of the services.

[101] Further, the management of a different traffic encryption key allocated to each multicast service group can guarantee security maintenance for the respective multicast service.

[102] While this invention has been described in connection with what is presently considered to be the most practical and preferred embodiment, it is to be understood that the invention is not limited to the disclosed embodiments, but, on the contrary, is intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims.

WO 2005/057321 PCT/KR2004/003212



